Initial commit

This commit is contained in:
Andrew Hamon 2017-07-11 22:13:52 -05:00
commit 2a69e4f15c
16 changed files with 301 additions and 0 deletions

7
.editorconfig Normal file
View File

@ -0,0 +1,7 @@
[*.cr]
charset = utf-8
end_of_line = lf
insert_final_newline = true
indent_style = space
indent_size = 2
trim_trailing_whitespace = true

8
.gitignore vendored Normal file
View File

@ -0,0 +1,8 @@
/doc/
/lib/
/bin/
/.shards/
# Libraries don't need dependency lock
# Dependencies will be locked in application that uses them
/shard.lock

1
.travis.yml Normal file
View File

@ -0,0 +1 @@
language: crystal

21
LICENSE Normal file
View File

@ -0,0 +1,21 @@
The MIT License (MIT)
Copyright (c) 2017 Andrew Hamon
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.

52
README.md Normal file
View File

@ -0,0 +1,52 @@
# cox
Crystal bindings for the [libsodium box API](https://download.libsodium.org/doc/public-key_cryptography/authenticated_encryption.html)
Given a recipients public key, you can encrypt and sign a message for them. Upon
receipt, they can decrypt and authenticate the message as having come from you.
## Installation
Add this to your application's `shard.yml`:
```yaml
dependencies:
cox:
github: andrewhamon/cox
```
## Usage
```crystal
require "cox"
data = "Hello World!"
# Alice is the sender
alice = Cox::KeyPair.new
# Bob is the recipient
bob = Cox::KeyPair.new
# Encrypt a message for Bob using his public key, signing it with Alice's
# secret key
nonce, encrypted = Cox.encrypt(data, bob.public, alice.secret)
# Decrypt the message using Bob's secret key, and verify its signature against
# Alice's public key
decrypted = Cox.decrypt(encrypted, nonce, alice.public, bob.secret)
String.new(decrypted) # => "Hello World!"
```
## Contributing
1. Fork it ( https://github.com/andrewhamon/cox/fork )
2. Create your feature branch (git checkout -b my-new-feature)
3. Commit your changes (git commit -am 'Add some feature')
4. Push to the branch (git push origin my-new-feature)
5. Create a new Pull Request
## Contributors
- [andrewhamon](https://github.com/andrewhamon) Andrew Hamon - creator, maintainer

9
shard.yml Normal file
View File

@ -0,0 +1,9 @@
name: cox
version: 0.1.0
authors:
- Andrew Hamon <andrew@hamon.cc>
crystal: 0.23.0
license: MIT

25
spec/cox_spec.cr Normal file
View File

@ -0,0 +1,25 @@
require "./spec_helper"
describe Cox do
# TODO: Write tests
it "works" do
data = "Hello World!"
# Alice is the sender
alice = Cox::KeyPair.new
# Bob is the recipient
bob = Cox::KeyPair.new
# Encrypt a message for Bob using his public key, signing it with Alice's
# secret key
nonce, encrypted = Cox.encrypt(data, bob.public, alice.secret)
# Decrypt the message using Bob's secret key, and verify its signature against
# Alice's public key
decrypted = Cox.decrypt(encrypted, nonce, alice.public, bob.secret)
String.new(decrypted).should eq(data)
end
end

2
spec/spec_helper.cr Normal file
View File

@ -0,0 +1,2 @@
require "spec"
require "../src/cox"

30
src/cox.cr Normal file
View File

@ -0,0 +1,30 @@
require "./cox/*"
require "secure_random"
module Cox
def self.encrypt(data, nonce : Nonce, recipient_public_key : PublicKey, sender_secret_key : SecretKey)
data_buffer = data.to_slice
data_size = data_buffer.bytesize
output_buffer = Bytes.new(data_buffer.bytesize + LibSodium::MAC_BYTES)
LibSodium.crypto_box_easy(output_buffer.to_unsafe, data_buffer, data_size, nonce.pointer, recipient_public_key.pointer, sender_secret_key.pointer)
output_buffer
end
def self.encrypt(data, recipient_public_key : PublicKey, sender_secret_key : SecretKey)
nonce = Nonce.new
{nonce, encrypt(data, nonce, recipient_public_key, sender_secret_key)}
end
def self.decrypt(data, nonce : Nonce, sender_public_key : PublicKey, recipient_secret_key : SecretKey)
data_buffer = data.to_slice
data_size = data_buffer.bytesize
output_buffer = Bytes.new(data_buffer.bytesize - LibSodium::MAC_BYTES)
LibSodium.crypto_box_open_easy(output_buffer.to_unsafe, data_buffer.to_unsafe, data_size, nonce.pointer, sender_public_key.pointer, recipient_secret_key.pointer)
output_buffer
end
end
if Cox::LibSodium.sodium_init() == -1
STDERR.puts("Failed to init libsodium")
exit(1)
end

21
src/cox/key.cr Normal file
View File

@ -0,0 +1,21 @@
module Cox
abstract class Key
abstract def bytes
def pointer
bytes.to_unsafe
end
def pointer(size)
bytes.pointer(size)
end
def to_base64
Base64.encode(bytes)
end
def self.from_base64(encoded_key)
new(Base64.decode(encoded_key))
end
end
end

25
src/cox/key_pair.cr Normal file
View File

@ -0,0 +1,25 @@
require "./lib_sodium"
module Cox
class KeyPair
property public : PublicKey
property secret : SecretKey
def initialize(@public, @secret)
end
def self.new(pub : Bytes, sec : Bytes)
new(PublicKey.new(pub), SecretKey.new(sec))
end
def self.new
public_key = Bytes.new(PublicKey::KEY_LENGTH)
secret_key = Bytes.new(SecretKey::KEY_LENGTH)
LibSodium.crypto_box_keypair(public_key.to_unsafe, secret_key.to_unsafe)
new(public_key, secret_key)
end
end
end

39
src/cox/lib_sodium.cr Normal file
View File

@ -0,0 +1,39 @@
module Cox
@[Link("sodium")]
lib LibSodium
fun sodium_init() : LibC::Int
fun crypto_box_publickeybytes() : LibC::SizeT
fun crypto_box_secretkeybytes() : LibC::SizeT
fun crypto_box_noncebytes() : LibC::SizeT
fun crypto_box_macbytes() : LibC::SizeT
PUBLIC_KEY_BYTES = crypto_box_publickeybytes()
SECRET_KEY_BYTES = crypto_box_secretkeybytes()
NONCE_BYTES = crypto_box_macbytes()
MAC_BYTES = crypto_box_macbytes()
fun crypto_box_keypair(
public_key_output : Pointer(LibC::UChar),
secret_key_output : Pointer(LibC::UChar)
)
fun crypto_box_easy(
output : Pointer(LibC::UChar),
data : Pointer(LibC::UChar),
data_size : LibC::ULongLong,
nonce : Pointer(LibC::UChar),
recipient_public_key : Pointer(LibC::UChar),
sender_secret_key : Pointer(LibC::UChar)
) : LibC::Int
fun crypto_box_open_easy(
output : Pointer(LibC::UChar),
data : Pointer(LibC::UChar),
data_size : LibC::ULongLong,
nonce : Pointer(LibC::UChar),
sender_public_key : Pointer(LibC::UChar),
recipient_secret_key : Pointer(LibC::UChar)
) : LibC::Int
end
end

28
src/cox/nonce.cr Normal file
View File

@ -0,0 +1,28 @@
require "./lib_sodium"
require "secure_random"
module Cox
class Nonce
property bytes : Bytes
NONCE_LENGTH = LibSodium::NONCE_BYTES
def initialize(@bytes : Bytes)
if bytes.bytesize != NONCE_LENGTH
raise ArgumentError.new("Nonce must be #{NONCE_LENGTH} bytes, got #{bytes.bytesize}")
end
end
def self.new
new(SecureRandom.random_bytes(NONCE_LENGTH))
end
def pointer
bytes.to_unsafe
end
def pointer(size)
bytes.pointer(size)
end
end
end

15
src/cox/public_key.cr Normal file
View File

@ -0,0 +1,15 @@
require "./lib_sodium"
module Cox
class PublicKey < Key
property bytes : Bytes
KEY_LENGTH = LibSodium::PUBLIC_KEY_BYTES
def initialize(@bytes : Bytes)
if bytes.bytesize != KEY_LENGTH
raise ArgumentError.new("Public key must be #{KEY_LENGTH} bytes, got #{bytes.bytesize}")
end
end
end
end

15
src/cox/secret_key.cr Normal file
View File

@ -0,0 +1,15 @@
require "./lib_sodium"
module Cox
class SecretKey < Key
property bytes : Bytes
KEY_LENGTH = LibSodium::SECRET_KEY_BYTES
def initialize(@bytes : Bytes)
if bytes.bytesize != KEY_LENGTH
raise ArgumentError.new("Secret key must be #{KEY_LENGTH} bytes, got #{bytes.bytesize}")
end
end
end
end

3
src/cox/version.cr Normal file
View File

@ -0,0 +1,3 @@
module Cox
VERSION = "0.1.0"
end